CVE-2023-32804
published 2023-12-04CVE-2023-32804: Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd…
PriorityP341high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.23%
13.5th percentile
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | r41p0 – r44p0 | — |
| arm | bifrost_gpu_kernel_driver | r0p0 – r44p0 | — |
| arm | midgard_gpu_kernel_driver | r0p0 – r32p0 | — |
| arm | valhall_gpu_kernel_driver | r19p0 – r44p0 | — |
| arm_ltd | arm_5th_gen_gpu_architecture_userspace_driver | r41p0 – r44p0 | — |
| arm_ltd | bifrost_gpu_userspace_driver | r0p0 – r44p0 | — |
| arm_ltd | midgard_gpu_userspace_driver | r0p0 – r32p0 | — |
| arm_ltd | valhall_gpu_userspace_driver | r19p0 – r44p0 | — |
| android | — | — | |
| chrome_chrome | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Android
CVE-2023-32804: Mali
vendor_android·2023-12-01·CVSS 7.8
CVE-2023-32804 [HIGH] CVE-2023-32804: Mali
Android Security Bulletin 2023-12-01
CVE: CVE-2023-32804
Severity: HIGH
Component: Mali
References: A-272772567
*
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2023-32804
vendor_chrome·2023-08-23·CVSS 7.8
CVE-2023-32804 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-32804
Long Term Support Channel Update for ChromeOS
CVE-2023-32804
GHSA
GHSA-jhf5-g2pq-ppg2: Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver,
ghsa_unreviewed·2023-12-04
CVE-2023-32804 [HIGH] CWE-787 GHSA-jhf5-g2pq-ppg2: Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver,
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-12-04
Published